<?php

include "header.php";
require_once("phpbb.class.php");

// Requested action ("op"), or null when the request carries no such parameter.
// This is a raw, unvalidated request value; it is not referenced again in the
// visible part of this file.
$phpbb_action = isset($_REQUEST["op"]) ? $_REQUEST["op"] : null;

//***************************************************************
// Arguments passed when constructing the phpbb wrapper:
//   1st = physical path of the phpBB 3 forum ($phpbb_root_path variable)
//   2nd = PHP script extension ($phpEx variable)
// NOTE(review): the original note asks for an absolute path, but "forum" is
// relative - confirm against phpbb.class.php.
$phpbb = new phpbb("forum", "php");

// Page scaffolding: header and title first, then the breadcrumb trail.
$P = new cMyPage();
$P->loadHeader();
$P->loadTitle("Welcome");

// Breadcrumb entries, in display order.
$loc = array('url' => '/index.php', 'name' => 'Home');
$locList = array($loc);
$loc = array('url' => '/profile.php', 'name' => 'My Profile');
$locList[] = $loc;

$P->loadLocation($locList);
$P->loadLinks();
$P->loadPreContent("My Profile");
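// Profile page body. For a logged-in user: store an uploaded resume (if any),
// list the stored resumes, and render the profile fields. Otherwise show the
// login prompt. $user and $db are not defined in this file; they are expected
// to come from the files included at the top.
if ($P->isLoggedIn()) {
	// Escapes a value for HTML text and quoted-attribute contexts. Every value
	// read back from the database is user-editable and must pass through this
	// before being printed.
	$esc = function ($value) {
		return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
	};

	// The id is only ever used as a number; casting keeps it inert inside SQL.
	$userId = (int) $user->data['user_id'];

	// Always defined, so the check further down never reads an unset variable.
	$resError = false;

	// NOTE(review): the same upload logic is duplicated in uploadResume() at
	// the bottom of this file, which nothing in the visible code calls.
	$upload = (isset($_FILES['resData']) && is_array($_FILES['resData'])) ? $_FILES['resData'] : array();

	// is_int() also filters the array-shaped entry PHP builds for "resData[]".
	if (isset($upload['size']) && is_int($upload['size']) && $upload['size'] > 0) {
		// Accepted extensions and the MIME type stored for each. The type sent
		// by the browser ($_FILES[...]['type']) is client-controlled, so it is
		// never stored or placed in SQL. "html" is not accepted: the original
		// comparison for it could never match (3 characters compared with 4),
		// and the user-facing message only promises Word and PDF.
		$allowedTypes = array(
			'pdf'  => 'application/pdf',
			'doc'  => 'application/msword',
			'docx' => 'application/vnd.openxmlformats-officedocument.wordprocessingml.document',
		);

		$fileName  = isset($upload['name']) && is_string($upload['name']) ? basename($upload['name']) : '';
		$extension = strtolower(pathinfo($fileName, PATHINFO_EXTENSION));

		$content = false;
		if (isset($upload['error'], $upload['tmp_name'])
			&& $upload['error'] === UPLOAD_ERR_OK
			&& is_string($upload['tmp_name'])
			&& is_uploaded_file($upload['tmp_name']) // only read files PHP itself received via POST
			&& isset($allowedTypes[$extension])
		) {
			$content = file_get_contents($upload['tmp_name']);
		}

		if ($content === false) {
			$resError = true;
		} else {
			// assumes $db is phpBB's DBAL (the sql_query/sql_fetchrow calls in
			// this file match it), which provides sql_escape() - confirm.
			$delresume = "DELETE FROM `resumes` WHERE id = '" . $userId . "'";
			$addresume = "INSERT INTO resumes (id, name, size, type, content ) "
				. "VALUES ('" . $userId . "', "
				. "'" . $db->sql_escape($fileName) . "', "
				. "'" . (int) $upload['size'] . "', "
				. "'" . $db->sql_escape($allowedTypes[$extension]) . "', "
				. "'" . $db->sql_escape($content) . "')";

			// One resume per user: drop the previous one, then store the new one.
			$db->sql_query($delresume);
			$db->sql_query($addresume);
		}
	}
	?>
   <div style="vertical-align:top; float:right;">
	<?php
	if ($resError) {
		echo '<span class="alert">Error: You may only uplaod word documents or adobe pdf files.</span><br />';
	}

	// Only the columns needed for the link are fetched; the file content stays
	// in the database.
	$sql = "SELECT id, name FROM resumes WHERE id = '" . $userId . "'";
	$query = $db->sql_query($sql);

	// Rows are counted while fetching, so the "nothing found" branch does not
	// depend on how the driver reports affected rows for a SELECT.
	$resumeFound = false;
	while ($resume = $db->sql_fetchrow($query)) {
		$resumeFound = true;
		// The stored name is the uploader's original file name: escape it.
		// NOTE(review): viewres.php is not shown here; it has to check that the
		// requested id belongs to the logged-in user.
		?>
  <img src="img/pdf.png"> <a href="viewres.php?id=<?php echo (int) $resume['id']; ?>"><?php echo $esc($resume['name']); ?></a> <br>
		<?php
	}
	if (!$resumeFound) {
		echo "No resume's found.<br>You should upload your resume";
	}

	// Populate form fields
	$sql = "SELECT a.name, b.user_website, b.user_interests, b.user_from, a.YearGrad, a.Department, a.Concentration, a.Degree_Undergrad, a.Degree_Grad, a.Degree_Phd, e_name, e_location, e_datestarted, e_title, e_department, e_website FROM `users` a join `phpbb_users` b on a.id = b.user_id  where a.id = '" . $userId . "' ";
	$q = $db->sql_query($sql);
	$profile = $db->sql_fetchrow($q);
	if (!is_array($profile)) {
		// No profile row: render an empty form instead of indexing a non-array.
		$profile = array();
	}

	// HTML-escaped profile column, '' when the column is missing or NULL.
	$field = function ($key) use ($profile, $esc) {
		return isset($profile[$key]) ? $esc($profile[$key]) : '';
	};
	// Formatted date column, '' when missing or unparseable (instead of 1970).
	$dateField = function ($format, $key) use ($profile) {
		$stamp = (isset($profile[$key]) && $profile[$key] !== '') ? strtotime($profile[$key]) : false;
		return ($stamp === false) ? '' : date($format, $stamp);
	};
	// Checkbox state attribute for a 0/1 flag column.
	$checked = function ($key) use ($profile) {
		return (isset($profile[$key]) && $profile[$key] == 1) ? 'checked="checked"' : '';
	};

	// NOTE(review): the upload form below posts without an anti-CSRF token;
	// phpBB ships form-key helpers - confirm what header.php makes available.
	// Full "<?php" tags are used throughout so the page does not depend on the
	// short_open_tag setting; with it off, "<? ... ?>" blocks are sent to the
	// browser as plain text.
	?>
   <form enctype="multipart/form-data" action="profile.php" method="post">
   <p>Resume Upload</p>
   <input type="hidden" name="MAX_FILE_SIZE" value="20000000">
   <input type="file" name="resData" /><br />
   <input type="submit" class="btn" name="Upload" value="Upload" />
   </form>
   </div>
	<table>
	<tbody>
	<tr>
	<td>Name</td>
   <td><input id="name" type="text" value="<?= $field('name') ?>" /></td>
	</tr>
	<tr>
	<td>Current City</td>
   <td><input id="location" type="text" value="<?= $field('user_from') ?>" /></td>
	</tr>
	<tr>
	<td>Graduation Year</td><td><input id="gradyear" type="text" value="<?= $dateField('Y', 'YearGrad') ?>" /></td>
	</tr>
   <tr>
	<td>Department</td>
   <td><input id="department" type="text" value="<?= $field('Department') ?>" /></td>
	</tr>
   <tr>
	<td>Concentration</td>
   <td><input id="concentration" type="text" value="<?= $field('Concentration') ?>" /></td>
	</tr>
   <tr>
   <td>Degree(s) Attained</td><td>
   <input type="checkbox" id="deg_u" name="degu" <?= $checked('Degree_Undergrad') ?>  />Undergraduate<br />
	<input type="checkbox" id="deg_g" name="degg" <?= $checked('Degree_Grad') ?>  />Graduate<br />
	<input type="checkbox" id="deg_d" name="degp" <?= $checked('Degree_Phd') ?>  />Doctorate<br />
   </td>
	</tr>
	<tr>
	<td>Interests</td>
   <td><input id="interests" type="text" value="<?= $field('user_interests') ?>" /></td>
	</tr>
   <tr>
	<td>Website</td>
   <td><input id="website" type="text" value="<?= $field('user_website') ?>" /></td>
	</tr>
   <tr>
   <td align="left" colspan="2">Employer Information</td>
   </tr>
   <tr>
   <td>Current Employer</td>
   <td><input id="employer" type="text" value="<?= $field('e_name') ?>" /></td>
   </tr>
   <tr>
   <td>Title</td>
   <td><input id="emp_position" type="text" value="<?= $field('e_title') ?>" /></td>
   </tr>
   <tr>
   <td>Department</td>
   <td><input id="emp_department" type="text" value="<?= $field('e_department') ?>" /></td>
   </tr>
   <tr>
   <td>Date Started</td>
   <td><input id="emp_started" type="text" value="<?= $dateField('Y-m-d', 'e_datestarted') ?>" /></td>
   </tr>
   <tr>
   <td>Location</td>
   <td><input id="emp_location" type="text" value="<?= $field('e_location') ?>" /></td>
   </tr>
   <tr>
   <td>Company Website</td>
   <td><input id="emp_website" type="text" value="<?= $field('e_website') ?>" /></td>
   </tr>


   <tr>
   <td align="center" colspan="2"><input id="saveProfile" class="btn" type="button" value="Save Profile" /></td></tr>
	</tbody>
	</table>

	<?php
} else {
	echo "Please Log In";
	$P->displayLogin();
}
$P->loadFooter();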

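/**
 * Stores the file uploaded in the "resData" form field as the current user's
 * resume, replacing any resume already stored for that user.
 *
 * Reads $_FILES['resData'] and the globals $user and $db. The upload is
 * accepted only when PHP reports it as a completed HTTP upload and its name
 * ends in .pdf, .doc or .docx (case-insensitive). "html" is not accepted: the
 * original comparison for it could never match, and the page's error message
 * only promises Word and PDF.
 *
 * @return bool true when the resume was stored, false when the upload was
 *              missing or rejected (earlier versions returned nothing)
 */
function uploadResume() {
	global $user, $db;

	// Accepted extensions and the MIME type stored for each. The browser's own
	// $_FILES[...]['type'] is client-controlled, so it is never stored or put
	// into SQL.
	$allowedTypes = array(
		'pdf'  => 'application/pdf',
		'doc'  => 'application/msword',
		'docx' => 'application/vnd.openxmlformats-officedocument.wordprocessingml.document',
	);

	if (!isset($_FILES['resData']) || !is_array($_FILES['resData'])) {
		return false;
	}
	$upload = $_FILES['resData'];

	// The strict type checks also reject the array-shaped entry PHP builds
	// when the field is posted as "resData[]".
	if (!isset($upload['error'], $upload['size'], $upload['name'], $upload['tmp_name'])
		|| $upload['error'] !== UPLOAD_ERR_OK
		|| !is_int($upload['size']) || $upload['size'] <= 0
		|| !is_string($upload['name']) || !is_string($upload['tmp_name'])
		|| !is_uploaded_file($upload['tmp_name']) // only read files PHP itself received via POST
	) {
		return false;
	}

	$fileName  = basename($upload['name']);
	$extension = strtolower(pathinfo($fileName, PATHINFO_EXTENSION));
	if (!isset($allowedTypes[$extension])) {
		return false;
	}

	$content = file_get_contents($upload['tmp_name']);
	if ($content === false) {
		return false;
	}

	// The id is only ever used as a number; casting keeps it inert inside SQL.
	$userId = (int) $user->data['user_id'];

	// assumes $db is phpBB's DBAL (the sql_query calls match it), which
	// provides sql_escape() - confirm. This replaces addslashes() and the
	// get_magic_quotes_gpc() call, a function PHP 8 no longer has.
	$delresume = "DELETE FROM `resumes` WHERE id = '" . $userId . "'";
	$addresume = "INSERT INTO resumes (id, name, size, type, content ) "
		. "VALUES ('" . $userId . "', "
		. "'" . $db->sql_escape($fileName) . "', "
		. "'" . (int) $upload['size'] . "', "
		. "'" . $db->sql_escape($allowedTypes[$extension]) . "', "
		. "'" . $db->sql_escape($content) . "')";

	// One resume per user: drop the previous one, then store the new one.
	$db->sql_query($delresume);
	$db->sql_query($addresume);

	return true;
}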
?>